By default, CentOS comes with iptables enabled and a basic set of firewall rules active.
You can verify the iptables firewall status by launching the following command:
Those are the default CentOS rules and they're just waiting to be customized by you!
- For example, you may wish to ALLOW HTTP traffic like so:
# Allows HTTP Traffic.
-A INPUT -i eth0 -p tcp --dport 80 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
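- Or maybe you're willing to allow MySQL traffic? (As written, this rule accepts connections from any source; add -s with a trusted subnet, as in the SSH rule below, to narrow it.)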
# Allows MySQL Traffic.
-A INPUT -i eth0 -p tcp --dport 3306 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
- What about allowing SSH only to a particular subnet?
# Allows SSH to 10.100.100.0/24.
-A INPUT -p tcp -s 10.100.100.0/24 --dport 22 -j ACCEPT
Sorry, I forgot to tell you: you'll have to edit /etc/sysconfig/iptables (make a backup copy first!) and then restart the daemon!
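Where a rule lands in /etc/sysconfig/iptables matters: if the INPUT chain ends in a catch-all REJECT or DROP, an ACCEPT line placed after it never matches. The script below is an added example, not part of the original post; it makes the backup copy and inserts a rule ahead of that catch-all. The function names and the sample ruleset are constructed for illustration (the sample is modelled on a stock CentOS 6 file, which is an assumption about your system).

```shell
#!/bin/sh
# Added example (not from the original post). Inserts a rule into an
# iptables-save style file ahead of the catch-all REJECT, after a backup.

# add_input_rule FILE RULE -> 0 inserted, 1 already present, 2 error
add_input_rule() {
    file=$1; rule=$2
    [ -f "$file" ] || return 2
    grep -Fxq -- "$rule" "$file" && return 1     # idempotent re-runs
    cp -p "$file" "$file.bak" || return 2        # backup copy first
    awk -v rule="$rule" '
        /^\*/ { in_filter = ($0 == "*filter") }  # only touch the filter table
        in_filter && !done && (/^-A INPUT -j (REJECT|DROP)/ || /^COMMIT/) {
            print rule; done = 1                 # land before the catch-all
        }
        { print }
        END { exit(done ? 0 : 3) }
    ' "$file.bak" > "$file" || { cp -p "$file.bak" "$file"; return 2; }
}

# line_of FILE TEXT -> prints the line number of the first exact match
line_of() { grep -Fxn -- "$2" "$1" | head -n 1 | cut -d: -f1; }

# Constructed sample modelled on a stock CentOS 6 ruleset (assumption).
write_sample() {
    cat > "$1" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

HTTP_RULE='-A INPUT -i eth0 -p tcp --dport 80 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT'
SSH_RULE='-A INPUT -p tcp -s 10.100.100.0/24 --dport 22 -j ACCEPT'

# Demo on a throwaway copy; the real file is never touched here.
demo_dir=$(mktemp -d)
write_sample "$demo_dir/iptables"
add_input_rule "$demo_dir/iptables" "$HTTP_RULE"
add_input_rule "$demo_dir/iptables" "$SSH_RULE"
cat "$demo_dir/iptables"
rm -rf "$demo_dir"
```

Before restarting the daemon on a real host, `iptables-restore --test < /etc/sysconfig/iptables` parses the edited file without applying it, which catches syntax errors while the running rules are still in place.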
…or just disable it.
Alright, alright, if you really must:
chkconfig iptables off
chkconfig ip6tables off
Have phun (no phun intended)!